Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
File:                     Ay1SsyOaHOPN00MxNIzngN3xZMA.mft (raw, json)
Hash identifier:          A1dQi6nq7ijvurWCuwnxD7u4p1u/KaPTwsiR8a6t650=
Subject key identifier:   FC:9F:C3:E6:A3:C3:9E:96:D4:35:E9:55:EB:DF:5C:F8:2C:2D:1A:99
Authority key identifier: 03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0
Certificate issuer:       /CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
Certificate serial:       019E1E34E2082CB604CFC4431B9DFF064445
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
Manifest number:          09B7
Signing time:             Tue 12 May 2026 22:00:42 +0000
Manifest this update:     Tue 12 May 2026 22:00:42 +0000
Manifest next update:     Wed 13 May 2026 22:00:42 +0000
Files and hashes:         1: Ay1SsyOaHOPN00MxNIzngN3xZMA.crl (hash: d0UGnHHmxPcL7wQH7L2XnAOnK9OhE20M8L8dngGMvk0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 20:10:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:34:e2:08:2c:b6:04:cf:c4:43:1b:9d:ff:06:44:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
        Validity
            Not Before: May 12 22:00:42 2026 GMT
            Not After : May 13 22:00:42 2026 GMT
        Subject: CN=fc9fc3e6a3c39e96d435e955ebdf5cf82c2d1a99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:b7:86:5f:73:c1:73:3d:8e:48:29:d6:35:91:
                    b0:90:b2:5d:6d:18:e0:d8:bc:01:5f:68:f6:fa:09:
                    07:96:cd:9d:e4:9b:23:b3:a9:78:1b:44:b0:3c:48:
                    41:51:42:76:44:74:67:5d:57:df:1e:a6:23:dd:72:
                    fa:a8:40:52:18:64:1a:c2:47:d7:df:54:ac:51:2e:
                    3f:bd:cf:c8:59:84:4a:58:b5:66:64:12:4a:b5:38:
                    28:75:3a:df:e2:cb:89:19:0b:8b:95:b6:ec:42:f1:
                    43:37:a3:2e:d7:9b:43:e5:78:4f:5f:ef:b1:24:ce:
                    7d:68:67:10:bd:c8:50:08:33:dd:4f:e6:50:93:08:
                    c1:34:9d:58:3b:84:9b:e2:ae:c1:60:d9:e2:67:0c:
                    97:d8:a9:c7:61:13:d2:45:4f:dd:bc:b6:9a:fa:81:
                    33:08:11:09:b6:b4:b0:57:a6:68:7f:30:36:b4:08:
                    83:03:a0:8a:e9:48:09:91:0a:a9:0b:25:0e:f3:f4:
                    7d:ed:45:b0:a0:49:73:02:e3:3a:04:36:7b:7d:c4:
                    40:cd:c4:cd:b0:83:12:da:c4:d9:12:6d:a2:9a:46:
                    33:af:e1:09:da:bf:1c:1e:39:e4:ba:65:88:fe:b2:
                    2f:b4:bd:3e:45:bf:71:4f:80:f5:d4:90:75:22:55:
                    9a:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:9F:C3:E6:A3:C3:9E:96:D4:35:E9:55:EB:DF:5C:F8:2C:2D:1A:99
            X509v3 Authority Key Identifier:
                keyid:03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:3b:89:32:cc:b4:8c:53:31:35:41:aa:a1:29:ee:b9:5d:a4:
         63:4f:e8:ec:8f:88:ff:2c:e5:41:c3:61:59:fb:9b:4d:79:14:
         fe:6a:c2:c6:f5:f6:76:4c:db:9f:af:67:14:16:a9:63:86:00:
         e4:dd:d6:bc:85:18:cb:91:eb:79:de:38:0b:62:64:f1:8e:cd:
         a9:40:b8:61:57:ca:d9:44:ce:0f:60:ac:e7:ab:aa:09:24:2d:
         3e:bd:1b:45:81:3c:78:22:66:01:d2:72:f8:42:8f:50:ca:dd:
         d0:76:d3:be:48:ad:a1:2b:54:cd:74:7f:08:9c:b4:46:a3:9b:
         7f:df:e6:21:cd:84:db:84:1b:26:d8:3b:f7:a1:37:64:66:54:
         b9:b2:12:b2:f0:93:0b:8e:5a:50:08:4c:29:ce:da:4e:67:fc:
         43:d2:1a:98:09:b2:45:77:2f:48:36:b6:f8:bf:24:b9:c5:a5:
         ee:e9:2c:ef:c0:9d:8d:4f:89:45:04:88:58:08:ca:df:38:e0:
         64:7f:71:bf:14:26:9b:03:17:40:04:85:3b:40:86:15:c3:5c:
         82:ff:e3:40:b8:90:a1:ca:0d:2c:ca:83:d0:69:cf:ce:c3:9b:
         c7:19:35:0e:2a:46:38:dc:fb:62:46:c4:ba:aa:1c:e0:f4:96:
         41:2b:d5:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNOIILLYEz8RDG53/BkRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmQ1MmIzMjM5YTFjZTNjZGQzNDMzMTM0OGNlNzgwZGRm
MTY0YzAwHhcNMjYwNTEyMjIwMDQyWhcNMjYwNTEzMjIwMDQyWjAzMTEwLwYDVQQD
EyhmYzlmYzNlNmEzYzM5ZTk2ZDQzNWU5NTVlYmRmNWNmODJjMmQxYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsreGX3PBcz2OSCnWNZGwkLJdbRjg
2LwBX2j2+gkHls2d5Jsjs6l4G0SwPEhBUUJ2RHRnXVffHqYj3XL6qEBSGGQawkfX
31SsUS4/vc/IWYRKWLVmZBJKtTgodTrf4suJGQuLlbbsQvFDN6Mu15tD5XhPX++x
JM59aGcQvchQCDPdT+ZQkwjBNJ1YO4Sb4q7BYNniZwyX2KnHYRPSRU/dvLaa+oEz
CBEJtrSwV6ZofzA2tAiDA6CK6UgJkQqpCyUO8/R97UWwoElzAuM6BDZ7fcRAzcTN
sIMS2sTZEm2imkYzr+EJ2r8cHjnkumWI/rIvtL0+Rb9xT4D11JB1IlWapwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPyfw+ajw56W1DXpVevfXPgsLRqZMB8GA1UdIwQY
MBaAFAMtUrMjmhzjzdNDMTSM54Dd8WTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQt
ZTdhZDczYmJjYzg5LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQtZTdhZDczYmJjYzg5
LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQTuJMsy0
jFMxNUGqoSnuuV2kY0/o7I+I/yzlQcNhWfubTXkU/mrCxvX2dkzbn69nFBapY4YA
5N3WvIUYy5Hred44C2Jk8Y7NqUC4YVfK2UTOD2Cs56uqCSQtPr0bRYE8eCJmAdJy
+EKPUMrd0HbTvkitoStUzXR/CJy0RqObf9/mIc2E24QbJtg796E3ZGZUubISsvCT
C45aUAhMKc7aTmf8Q9IamAmyRXcvSDa2+L8kucWl7uks78CdjU+JRQSIWAjK3zjg
ZH9xvxQmmwMXQASFO0CGFcNcgv/jQLiQocoNLMqD0GnPzsObxxk1DipGONz7YkbE
uqoc4PSWQSvVDg==
-----END CERTIFICATE-----